|
On Mon, Apr 23, 2007 at 04:33:15PM -0500, isplist@xxxxxxxxxxxx wrote:
> I'm using LVS for various web services in load balanced manner and all works
> fine.
>
> I've set up a new mail cluster which I'd like to use LVS in front of but for
> some reason, am having problems this time around and cannot find the reasons
> for this.
>
> The mail services are standard ports 25, 80, 143, 110 for testing. The mail
> server/s is/are using NAT IP's behind one real IP for the cluster.
> Since they are clustered, I will only note one server from this point on.
>
> So, when checking if everything works externally, when not behind LVS, all
> does seem to work just fine. When LVS is in front, nothing seems to work.
It could be something silly like not having
/proc/sys/net/ipv4/ip_forward ebled or some errant iptables
rules blocking packets.
Does anything show up in the LVS conection counters?
# ipvsadm -L -n
If you run tcpdump or simolar on the internal and external interfaces of the
LVS machine, do the packets disapear at some point?
> Here are some additional details. I've obviously overlooked something;
>
> On the servers, in /etc/sysconfig/iptables;
I don't think that you need these iptables rules, LVS shoud do NAT
without them.
> *nat
> :PREROUTING ACCEPT [602:53060]
> :POSTROUTING ACCEPT [13:885]
> :OUTPUT ACCEPT [13:885]
> -A PREROUTING -d 192.168.1.151 -p tcp -m tcp --dport 25 -j REDIRECT --to-ports
> 25
> -A PREROUTING -d 192.168.1.151 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports
> 80
> -A PREROUTING -d 192.168.1.151 -p tcp -m tcp --dport 110 -j REDIRECT
> --to-ports 110
> -A PREROUTING -d 192.168.1.151 -p tcp -m tcp --dport 143 -j REDIRECT
> --to-ports 143
> -A PREROUTING -d 192.168.1.151 -p tcp -m tcp --dport 993 -j REDIRECT
> --to-ports 993
> -A PREROUTING -d 192.168.1.151 -p tcp -m tcp --dport 995 -j REDIRECT
> --to-ports 995
> COMMIT
>
> On LVS,
>
> serial_no = 114
> primary = 192.168.1.76
> service = lvs
> backup_active = 1
> backup = 192.168.1.77
> heartbeat = 1
> heartbeat_port = 539
> keepalive = 6
> deadtime = 18
> network = direct
> nat_nmask = 255.255.255.255
> debug_level = NONE
> monitor_links = 0
> virtual HTTP {
> active = 1
> address = 192.168.1.151 eth0:1
> vip_nmask = 255.255.255.0
> port = 80
> send = "GET / HTTP/1.0\r\n\r\n"
> expect = "HTTP"
> use_regex = 0
> load_monitor = none
> scheduler = wlc
> protocol = tcp
> timeout = 6
> reentry = 15
> quiesce_server = 0
> server qm249 {
> address = 192.168.1.249
> active = 1
> weight = 0
> }
> server qm250 {
> address = 192.168.1.250
> active = 1
> weight = 0
> }
> }
> virtual POP {
> active = 1
> address = 192.168.1.151 eth0:1
> vip_nmask = 255.255.255.0
> port = 110
> send = "GET / HTTP/1.0\r\n\r\n"
> expect = "HTTP"
> use_regex = 0
> load_monitor = none
> scheduler = wlc
> protocol = tcp
> timeout = 6
> reentry = 15
> quiesce_server = 0
> server qm249 {
> address = 192.168.1.249
> active = 1
> weight = 0
> }
> server qm250 {
> address = 192.168.1.250
> active = 1
> weight = 0
> }
> }
> virtual IMAP {
> active = 1
> address = 192.168.1.151 eth0:1
> vip_nmask = 255.255.255.0
> port = 143
> send = "GET / HTTP/1.0\r\n\r\n"
> expect = "HTTP"
> use_regex = 0
> load_monitor = none
> scheduler = wlc
> protocol = tcp
> timeout = 6
> reentry = 15
> quiesce_server = 0
> server qm249 {
> address = 192.168.1.249
> active = 1
> weight = 0
> }
> server qm250 {
> address = 192.168.1.250
> active = 1
> weight = 0
> }
> }
> virtual SMTP {
> active = 1
> address = 192.168.1.151 eth0:1
> vip_nmask = 255.255.255.0
> port = 25
> send = "GET / HTTP/1.0\r\n\r\n"
> expect = "HTTP"
> use_regex = 0
> load_monitor = none
> scheduler = wlc
> protocol = tcp
> timeout = 6
> reentry = 15
> quiesce_server = 0
> server qm249 {
> address = 192.168.1.249
> active = 1
> weight = 0
> }
> server qm250 {
> address = 192.168.1.250
> active = 1
> weight = 0
> }
> }
>
>
> _______________________________________________
> LinuxVirtualServer.org mailing list - lvs-users@xxxxxxxxxxxxxxxxxxxxxx
> Send requests to lvs-users-request@xxxxxxxxxxxxxxxxxxxxxx
> or go to http://www.in-addr.de/mailman/listinfo/lvs-users
--
Horms
H: http://www.vergenet.net/~horms/
W: http://www.valinux.co.jp/en/
|
